QUESTION 121An administrator installed a Cisco ASA that runs version 9.1. You are asked to configure the firewall through Cisco ASDM.When you attempt to connect to a Cisco ASA with a default configuration, which username and password grants you full access?

QUESTION 123Which two options are purposes of the packet-tracer command? (Choose two.)

A. to filter and monitor ingress traffic to a switchB. to configure an interface-specific packet traceC. to simulate network traffic through a data pathD. to debug packet drops in a production networkE. to automatically correct an ACL entry in an ASA

Answer: CD

QUESTION 124Refer to the exhibit. Server A is a busy server that offers these services:– World Wide Web– DNSWhich command captures http traffic from Host A to Server A?

QUESTION 125Your company is replacing a high-availability pair of Cisco ASA 5550 firewalls with the newer Cisco ASA 5555-X models. Due to budget constraints, one Cisco ASA 5550 will be replaced at a time.Which statement about the minimum requirements to set up stateful failover between these two firewalls is true?

A. You must install the USB failover cable between the two Cisco ASAs and provide a 1 Gigabit Ethernet interface for state exchange.B. It is not possible to use failover between different Cisco ASA models.C. You must have at least 1 Gigabit Ethernet interface between the two Cisco ASAs for state exchange.D. You must use two dedicated interfaces. One link is dedicated to state exchange and the other link is for heartbeats.

Answer: B

QUESTION 126In which two modes is zone-based firewall high availability available? (Choose two.)

QUESTION 127You are the administrator of a multicontext transparent-mode Cisco ASA that uses a shared interface that belongs to more than one context. Because the same interface will be used within all three contexts, which statement describes how you will ensure that return traffic will reach the correct context?

A. Interfaces may not be shared between contexts in routed mode.B. Configure a unique MAC address per context with the no mac-address auto command.C. Configure a unique MAC address per context with the mac-address auto command.D. Use static routes on the Cisco ASA to ensure that traffic reaches the correct context.

Answer: C

QUESTION 128A rogue device has connected to the network and has become the STP root bridge, which has caused a network availability issue.Which two commands can protect against this problem? (Choose two.)